Fix remove_dataacl_table fixture to correctly delete and restore DATAACL table (#21021)

rajkumar1-arista · web-flow · commit 62d0c779cd9f · 2025-11-13T11:08:09.000+08:00
What is the motivation for this PR?
As DATAACL was never restored for dualtor topologies, sometimes DATAACL table was bound to the same PortChannels that carry the BGP traffic, that lead to routes corruption and various tests failing.

How did you do it?
Modified the fixture to correctly check and delete and later accordingly restore the table

How did you verify/test it?
Ran test/test_acl_stress and verified the DATAACL was being restored in teardown
diff --git a/tests/acl/test_stress_acl.py b/tests/acl/test_stress_acl.py
@@ -116,12 +116,13 @@ def setup_table_and_rules(rand_selected_dut, prepare_test_port):
 
 
 @pytest.fixture(scope="module", autouse=True)
-def remove_dataacl_table(duthosts, rand_selected_dut):
+def remove_dataacl_table(duthosts):
     """
     Remove DATAACL to free TCAM resources.
     The change is written to configdb as we don't want DATAACL recovered after reboot
     """
     TABLE_NAME_1 = "DATAACL"
+    data_acl_existing_duts = []
     for duthost in duthosts:
         lines = duthost.shell(cmd="show acl table {}".format(TABLE_NAME_1))['stdout_lines']
         data_acl_existing = False
@@ -133,23 +134,25 @@ def remove_dataacl_table(duthosts, rand_selected_dut):
         if data_acl_existing:
             # Remove DATAACL
             logger.info("Removing ACL table {}".format(TABLE_NAME_1))
-            rand_selected_dut.shell(cmd="config acl remove table {}".format(TABLE_NAME_1))
+            duthost.shell(cmd="config acl remove table {}".format(TABLE_NAME_1))
+            data_acl_existing_duts.append(duthost)
 
-    if not data_acl_existing:
+    if not data_acl_existing_duts:
         yield
         return
 
     yield
     # Recover DATAACL
     config_db_json = "/etc/sonic/config_db.json"
-    output = rand_selected_dut.shell("sonic-cfggen -j {} --var-json \"ACL_TABLE\"".format(config_db_json))['stdout']
-    entry_json = json.loads(output)
-    if TABLE_NAME_1 in entry_json:
-        entry = entry_json[TABLE_NAME_1]
-        cmd_create_table = "config acl add table {} {} -p {} -s {}"\
-            .format(TABLE_NAME_1, entry['type'], ",".join(entry['ports']), entry['stage'])
-        logger.info("Restoring ACL table {}".format(TABLE_NAME_1))
-        rand_selected_dut.shell(cmd_create_table)
+    for duthost in data_acl_existing_duts:
+        output = duthost.shell("sonic-cfggen -j {} --var-json \"ACL_TABLE\"".format(config_db_json))['stdout']
+        entry_json = json.loads(output)
+        if TABLE_NAME_1 in entry_json:
+            entry = entry_json[TABLE_NAME_1]
+            cmd_create_table = "config acl add table {} {} -p {} -s {}"\
+                .format(TABLE_NAME_1, entry['type'], ",".join(entry['ports']), entry['stage'])
+            logger.info("Restoring ACL table {}".format(TABLE_NAME_1))
+            duthost.shell(cmd_create_table)
 
 
 @pytest.fixture(scope='module')
